For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

Chris_Wentland's avatar
Chris_Wentland
Icon for Nimbostratus rankNimbostratus
Jan 07, 2015

Possibly. If you are using SNAT automap on the LTM, then you will need to configure the floating IP address in your admission rule because all traffic will originate from it. If you configure an explicit SNAT IP or pool, those will require admission also. If you are not using SNAT, then you should only require the Self IP's to allow for monitoring, but would also need to permit all client traffic from the internet as well, since the F5 will not change the source IP of the packet without SNAT enabled.